<?php
require_once "./interface/IController.php";
require_once "./view/View.php";
class UserController implements IController {
	private $view;
	
	public function __construct() {
		$this->view = new View ();
	}
	
	//设置方法的访问权限，若权限不匹配，则调用  forbidAction()
	public function getAccessRule() {
		return array (
			UserBean::$_GUEST => array ("login","logout" ) ,
			UserBean::$_ADMIN => array ("login","logout") ,
			UserBean::$_SENATE => array (),
			UserBean::$_INSTITUE => array()
		);

	}
	
	public function loginAction() {
		if (islogin()) { //已经登陆
			redirectTo ( urlToAction ( 'page', 'home' ) ); //转向到主页
		}
		$data="";
		
		if (isset ( $_POST ['username'] ) && isset( $_POST ['password'] )) {
			//对提交的用户名和密码进行验证
			if($_POST ['username'] =="" ||  $_POST ['password']==""){
			$data="请输入用户名和密码！";
			}else{
				$username = $_POST ['username'];
				$password = sha1($_POST ['password']);
			
				$mysql = MysqliObj::getInstance();
				$sql = "select * from User where username='" . $username . "' and password='" . $password . "'";
				$obj = $mysql->fetch_object( $sql );
				if ($obj) {
					$_SESSION ['userinfo'] ['userid'] = $obj->id;
					$_SESSION ['userinfo'] ['username'] = $obj->username;
					$_SESSION ['userinfo'] ['name'] = $obj->name;
					$_SESSION ['userinfo'] ['type'] = $obj->type;
					$_SESSION ['userinfo'] ['department'] = $obj->department;
					$_SESSION ['userinfo'] ['phone'] = $obj->phone;
					$_SESSION ['userinfo'] ['email'] = $obj->email;
					$_SESSION ['userinfo'] ['fax'] = $obj->fax;
					redirectTo ( urlToAction ( 'page', 'home' ) );
				} else {
					$data="用户名或密码错误！";
				}
			}
		}
		//若登陆失败，重新回到登陆页面
		// $data =array('a','b'); 通过 $data 数组给 view传递变量
		$this->view->render ( "login.php", $data );
	}
	
	
	public function logoutAction(){
		unset($_SESSION['userinfo']);
		//$_SESSION['userinfo']['type']='*';
		//$this->view->render ( "login.php");
		redirectTo ( urlToAction ( 'user', 'login' ) );
	}
	
	public function addUserAction(){
		if(isset($_POST['username'])){
			$user = new UserBean();
			foreach ($_POST as $key => $value){
				if(property_exists("UserBean", $key)){
					$user->$key = $value;
				}
			}
			$user->password = sha1($user->password);
			if($user->updateToDatabase()){
				$this->adminUserAction();
				return;
			}
		}
		if(isset($_GET['id'])){
			$user = UserBean::findUserById($_GET['id']);
			$this->view->render("add_user.php",$user);
			return;
		}
		$this->view->render("add_user.php");
	}
	public function adminUserAction(){
		if (isset ( $_GET ['page'] )) {
			$page = $_GET ['page'];
		} else {
			$page = 1;
		}
		$pageSize = Sysconfig::getPageSize ();
		$begin = ($page - 1) * $pageSize;
		$sql = "select * from `coursesystem`.`user` limit $begin, $pageSize";
		$sqlForNum = "select * from `coursesystem`.`user`";
		
			
		$db = MysqliObj::getInstance ();
		$resultArray = $db->fetch_arrays ( $sql );
			
		$activities = array ();
		if (! empty ( $resultArray )) {
			foreach ( $resultArray as $item ) {
				$activities [] = new ActivityBean ( $item );
			}
		}
			
		$data = array ();
		$data ['currentPage'] = $page;
		$data ['users'] = $activities;
			
		$result = $db->query ( $sqlForNum );
		if (! empty ( $result )) {
			$num = ( int ) ($result->num_rows / $pageSize);
			$data ['pageNum'] = $result->num_rows % $pageSize == 0 ? $num : $num + 1;
		} else {
			$data ['pageNum'] = 0;
		}
		$this->view->render("user_list.php",$data);
	}
	//当请求的	action 不合法时调用此方法
	//重载 IController 接口
	public function forbidAction() {
		if(!islogin())
			redirectTo(urlToAction('user','login'));
		$this->view->render ( "forbid.php" );
	}
}

?>